Sorry -- digging into that 500 was on my plate, but there was a logging bug on errors... and then some poor docs for the framework I'm using... and before you know it, the yak stack was piled high. I'll cycle around to that again this evening.
Alex On Mon, Jun 18, 2018 at 9:53 AM Rob Stradling via dev-security-policy < dev-security-policy@lists.mozilla.org> wrote: > On 17/06/18 21:09, Daniel Cater via dev-security-policy wrote: > > On Monday, 14 May 2018 15:25:43 UTC+1, Rob Stradling > >> I'm currently running the check against all of the certs on the crt.sh > >> DB. I'll report back once this has completed. > > > > Hi Rob, > > > > Did your checks find anything else in the end? > > Hi Daniel. Thanks for the reminder. :-) > > I found a total of 1,589 certs on the crt.sh DB with Debian weak keys, > and I did intend to publish a report. I figured that creating a new > batch on misissued.com would be the best way to present the data, but > that gives me an HTTP 500 response whenever I try to submit the list of > crt.sh IDs. > > Until misissued.com lets me submit the list, you can find the list of > affected certs in a table on the crt.sh DB called "has_debian_weak_key". > > -- > Rob Stradling > Senior Research & Development Scientist > Email: r...@comodoca.com > > _______________________________________________ > dev-security-policy mailing list > dev-security-policy@lists.mozilla.org > https://lists.mozilla.org/listinfo/dev-security-policy > _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy